8,965 tools
Package verification tool for npm with various verification and testing capabilities.
Package verification tool for npm with various verification and testing capabilities.
Web-based tool for incident response with easy local installation using Docker.
Web-based tool for incident response with easy local installation using Docker.
Kiam is a Kubernetes agent that allows Pods to assume AWS IAM roles, though it is being deprecated in favor of AWS' official IAM roles for Service Accounts solution.
Kiam is a Kubernetes agent that allows Pods to assume AWS IAM roles, though it is being deprecated in favor of AWS' official IAM roles for Service Accounts solution.
Malscan is a tool to scan process memory for YARA matches and execute Python scripts.
Malscan is a tool to scan process memory for YARA matches and execute Python scripts.
Emulates browser functionality to detect exploits targeting browser vulnerabilities.
Emulates browser functionality to detect exploits targeting browser vulnerabilities.
A next-generation web scanner that identifies websites and recognizes web technologies, including content management systems, blogging platforms, and more.
A next-generation web scanner that identifies websites and recognizes web technologies, including content management systems, blogging platforms, and more.
An OpenFlow honeypot that detects unused IP addresses and simulates network traffic to attract and analyze potential threats
An OpenFlow honeypot that detects unused IP addresses and simulates network traffic to attract and analyze potential threats
Unfetter is a reference implementation framework that collects events from client machines and performs CAR analytics using an ELK stack with Apache Spark to detect potential adversary activity.
Unfetter is a reference implementation framework that collects events from client machines and performs CAR analytics using an ELK stack with Apache Spark to detect potential adversary activity.
View physical memory as files in a virtual file system for easy memory analysis and artifact access.
View physical memory as files in a virtual file system for easy memory analysis and artifact access.
Metta is an information security preparedness tool for adversarial simulation.
Metta is an information security preparedness tool for adversarial simulation.
An open source threat intelligence platform for storing and managing cyber threat intelligence knowledge.
An open source threat intelligence platform for storing and managing cyber threat intelligence knowledge.
Compact C framework for analyzing suspected malware documents and detecting exploits and embedded executables.
Compact C framework for analyzing suspected malware documents and detecting exploits and embedded executables.
A comprehensive library documenting Amazon S3 attack scenarios and risk-based mitigation strategies for cloud storage security.
A comprehensive library documenting Amazon S3 attack scenarios and risk-based mitigation strategies for cloud storage security.
An open-source penetration testing framework for social engineering with custom attack vectors.
An open-source penetration testing framework for social engineering with custom attack vectors.
A Python script for creating a cohesive and up-to-date penetration testing framework.
A Python script for creating a cohesive and up-to-date penetration testing framework.
A bash-based anti-forensic script that monitors USB ports and triggers system shutdown when unauthorized devices are detected.
A bash-based anti-forensic script that monitors USB ports and triggers system shutdown when unauthorized devices are detected.
Open source security auditing tool to search and dump system configuration.
Open source security auditing tool to search and dump system configuration.
An open source honeypot for NoSQL databases with support for Redis and additional features for detecting attackers and logging attack incidents.
An open source honeypot for NoSQL databases with support for Redis and additional features for detecting attackers and logging attack incidents.
A collection of vulnerable web application test cases designed to benchmark and evaluate the effectiveness of static security analyzers and penetration testing tools.
A collection of vulnerable web application test cases designed to benchmark and evaluate the effectiveness of static security analyzers and penetration testing tools.
Prowler is an open source multi-cloud security assessment tool that performs audits, compliance checks, and security evaluations across AWS, Azure, GCP, and Kubernetes environments.
Prowler is an open source multi-cloud security assessment tool that performs audits, compliance checks, and security evaluations across AWS, Azure, GCP, and Kubernetes environments.
A private network system utilizing WireGuard for enhanced networking capabilities.
A private network system utilizing WireGuard for enhanced networking capabilities.
A Docker MultiStage build implementation that integrates CVE scanning into Alpine Linux container builds using Docker 17.05's build-time vulnerability assessment capabilities.
A Docker MultiStage build implementation that integrates CVE scanning into Alpine Linux container builds using Docker 17.05's build-time vulnerability assessment capabilities.
DOS attack by sending fake BPDUs to disrupt switches' STP engines.
DOS attack by sending fake BPDUs to disrupt switches' STP engines.